Certified Digital Forensics Examiner Training (CDFE)
Commitment | 5 Days, 7-8 hours a day. |
Language | English |
User Ratings | Average User Rating 4.8 See what learners said |
Price | REQUEST |
Delivery Options | Instructor-Led Onsite, Online, and Classroom Live |
COURSE OVERVIEW
The Certified Digital Forensics Examiner Training (CDFE) Workshop teaches students the essentials of electronic discovery surrounding digital crimes and how to present their findings in a legally acceptable manner.
The Certified Digital Forensics Examiner vendor-neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This Certified Digital Forensics Examiner (CDFE) Workshop is essential to anyone encountering digital evidence while conducting an investigation. ENO Institute Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report.
The Certified Digital Forensics Examiner (CDFE) Workshop course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence. An example of “corrective action” would be the termination of an employee for a violation of computer usage where digital evidence was needed to support the allegation. The investigator must furnish an irrefutable burden of proof based on that digital evidence. If not irrefutable, an attorney knowledgeable about Computer Forensics could have the case thrown out of court. Government or investigative agencies need proper training to succeed in cases like the above as well as those including acts of fraud, computer misuse, illegal pornography, counterfeiting, and so forth.
Certified Digital Forensics Examiner Training (CDFE) Workshop teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report.
ACCREDITATIONS & ACKNOWLEDGEMENTS
- ACCREDITED by the NSA CNSS 4011-4016
- MAPPED to NIST / Homeland Security NICCS’s Cyber Security Workforce Framework
- APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)
EXAM INFORMATION:
- The Certified Digital Forensics Examiner Training Exam is taken online through Mile2 Assessment and Certification System (“MACS”), which is accessible on your Mile2 account. The exam will take 2 hours and consist of 100 multiple-choice questions. The cost is $400 USD and must be purchased from ENO Institute.
WHAT'S INCLUDED?
- 5 Days of Certified Digital Forensics Examiner Training (CDFE) from an Authorized Instructor
- Official CDFE Student Courseware (Electronic Version)
- Student Lab guide
- Exam Prep Guide
- Certificate of Completion
- CPEs: 40 Hours
RESOURCES
- Certified Digital Forensics Examiner Training (CDFE) – https://www.wiley.com/
- Certified Digital Forensics Examiner Training (CDFE) – https://www.packtpub.com/
- Certified Digital Forensics Examiner (CDFE) – https://store.logicaloperations.com/
- Certified Digital Forensics Examiner (CDFE) – https://us.artechhouse.com/
- Certified Digital Forensics Examiner Training (CDFE) – https://www.amazon.com/
RELATED COURSES
- Certified Incident Handling Engineer Training (CIHE)
- Certified Information Systems Security Officer Training (CISSO)
- Certified Cloud Security Officer Training (CCSO)
- Certified Powershell Hacker (CPSH) Training
- Certified Penetration Testing Engineer Training (CPTE)
- Certified Disaster Recovery Engineer Training (CDRE)
- Certified Network Forensics Examiner Training (CNFE)
- Certified Secure Web Application Engineer Training (CSWAE)
- Certified Professional Ethical Hacker Training (CPEH)
ADDITIONAL INFORMATION
COURSE OBJECTIVES
After completing this Certified Digital Forensics Examiner Training (CDFE) course, students will be able to:
- Establish industry-acceptable digital forensics standards with current best practices and policies. Students will also be prepared to competently take the C)DFE exam.
CUSTOMIZE IT
- We can adapt this Certified Digital Forensics Examiner Training (CDFE) course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Certified Digital Forensics Examiner (CDFE) course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Certified Digital Forensics Examiner (CDFE) around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Certified Digital Forensics Examiner (CDFE) course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this Certified Digital Forensics Examiner Training (CDFE) course:
- Security Officers
- IS Managers
- Agents/Police Officers
- Attorneys
- Data Owners
- IT managers
- IS Manager/Officers
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this Certified Digital Forensics Examiner Training (CDFE) course are:
- A minimum of 12 months experience in networking technologies
- Sound knowledge of TCP/IP
- Knowledge of Microsoft packages
- Network+, Microsoft, Security+
- Basic Knowledge of Linux is essential
COURSE SYLLABUS
Module 0 –Course Introduction
Module 1 –Computer Forensics Incidents
- Section 1 –Origins of digital forensic science
- Section 2 –Differences between criminal and civil incidents
- Section 3 –Types of computer fraud incidents
- Section 4 –Internal and external threats
- Section 5 –Investigative challenges
Module 2 –Incident Handling
- Section 1 –What is an Incident?
- Section 2 –Incident Handling Steps
- Phase 1: Preparation
- Phase 2: Identification and Initial Response
- Phase 3: Containment
- Phase 4: Eradication
- Phase 5: Recovery
- Phase 6: Follow-up
Module 3 –Computer Forensic Investigative Theory
- Section 1 –Investigative Theory
- Section 2 –Investigative Concepts
- Section 3 –BEA & EFA
Module 4 –Computer Forensic Investigative Process
- Section 1 –Investigative Prerequisites
- Section 2 –Investigation Process
Module 5 –Digital Acquisition
- Section 1 –Acquisition Procedures
- Section 2 –Evidence Authentication
- Section 3 -Tools
- Certified Digital Forensics Examiner Training (CDFE)
Module 6 –Disks and Storages
- Section 1 –Disk OS and Filesystems
- Section 2 –Spinning Disks Forensics
- Section 3 –SSD Forensics
- Section 4 –Files Management
Module 7 –Forensic Examination Protocols
- Section 1 –Science Applied to Forensics
- Section 2 –Cardinal Rules & Alpha 5
- Section 3 –The 20 Basic Steps of Forensics
Module 8 –Digital Evidence Protocols
- Section 1 –Digital Evidence Categories
- Section 2 –Evidence Admissibility
Module 9 –Digital Evidence Presentation
- Section 1 –The Best Evidence Rule
- Section 2 -Hearsay
- Section 3 –Authenticity and Alteration
Module 10 –Computer Forensic Laboratory Protocols
Module 11 –Computer Forensic Processing Techniques
Module 12 –Specialized Artifact Recovery
- Section 1 –Forensics Workstation Prep
- Section 2 –Windows Components with Investigative Interest
- Section 3 –Files Containing Historical Information
- Section 4 –Web Forensics
Module 13 –eDiscovery and ESI
Module 14 –Mobile Forensics
- Section 1 –Cellular Network
- Section 2 –Forensic Process
- Section 3 -Tools
- Section 4 –Paraben Forensics
Module 15 – Digital Forensics Reporting
LABS
Scenario
- Lab 1 – Chain of Custody
- Lab 2 – Identify Seized Evidence
- Lab 3 – Device Acquisition
- Lab 4 – Prepare the Case Evidence
- Lab 5 – Investigate the Acquired Evidence
- Lab 6 – Prepare the Case Evidence
- Lab 7 – Finding Clues
- Lab 8 – Construct the Case Events
- Lab 9 – Tie Evidence found to the seized Android Device
- Lab 10 – Incident Response